down.tututool.com

Xiamen eName Network Co., Ltd.

Domain Information

The domain down.tututool.com registered by Xiamen eName Network Co., Ltd. was initially registered in June of 2011 through ENAME TECHNOLOGY CO., LTD.. The hosted servers are located in Hangzhou, Zhejiang within China which resides on the Asia Pacific Network Information Centre network.
Registrar:
ENAME TECHNOLOGY CO., LTD.

Server location:
Zhejiang, China (CN)

Create date:
Tuesday, June 21, 2011

Expires date:
Friday, June 21, 2019

Updated date:
Saturday, August 10, 2013

ASN:
AS37963 CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd.,CN

Root domain:

Google Safe Browsing:
malware

Scan engine
Details
Detections

McAfee
Artemis!685658F57A4C, Artemis!63A8238D4AE8, Artemis!DD91C1DD42D1, Artemis!69DCE5295AD9, Artemis!AA948F60FB73
71.43%

avast!
Win32:Rootkit-gen [Rtk], Win32:Malware-gen
71.43%

IKARUS anti.virus
Win32.Malware, AdWare.Downloader
71.43%

McAfee Web Gateway
Artemis!685658F57A4C, Artemis!63A8238D4AE8, Artemis!Trojan
57.14%

Trend Micro House Call
TROJ_GEN.F47V0509, Suspicious_GEN.F47V0618, Suspicious_GEN.F47V0710
42.86%

Vba32 AntiVirus
suspected of Trojan.Downloader.gen.h
42.86%

Antiy Labs AVL
Trojan/Win32.TGeneric, Trojan/Win32.SGeneric, GrayWare[:not-a-virus]/Win32.StartPage.gen
42.86%

SUPERAntiSpyware
Trojan.Agent/Gen-Rootkit
28.57%

G Data
Win32.Trojan.Agent.XC53QJ, Win32.Application.Agent.T0ZQCK
28.57%

Dr.Web
BackDoor.Infector.133, Adware.Softcnapp.4
28.57%

Malwarebytes
Trojan.Agent.NS
14.29%

Kingsoft AntiVirus
Win32.Troj.Adspread.Hh.(kcloud)
14.29%

Zillya! Antivirus
Adware.Adwapper.Win32.7898
14.29%

AegisLab AV Signature
Win.Troj.m8Gz
14.29%

Clam AntiVirus
Win.Trojan.11306639-1
14.29%

The domain down.tututool.com has been seen to resolve to the following 9 IP addresses.

June 7, 2016

June 7, 2016

September 5, 2014

ip28.hichina.com
September 5, 2014

September 5, 2014

ip28.hichina.com
March 15, 2014

ip28.hichina.com
March 15, 2014

AY140120154205Z
March 15, 2014

AY140120154204Z
March 15, 2014

File downloads found at URLs served by down.tututool.com.

17 / 68    (PUP)

3 / 68      (inconclusive)

7 / 68      (Malware)

7 / 68      (Malware)

4 / 68      (inconclusive)

7 / 68      (Malware)

7 / 68      (Malware)

1 / 68      (inconclusive)

1 / 68      (inconclusive)

1 / 68      (inconclusive)

1 / 68      (inconclusive)

URL:
http://down.tututool.com/

Web server:
ASP.NET (ASP.NET) (ASP.NET) (ASP.NET)